| |
| |||||||
Log-Analyse und Auswertung: Avira meldet spy.banker.gen - Wie werde ich den wieder los?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
12.06.2012, 22:22
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Avira meldet spy.banker.gen - Wie werde ich den wieder los? Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C  nach, da speichert der TDSS-Killer seine Logs.Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
14.06.2012, 21:32
| #17 |
 | Avira meldet spy.banker.gen - Wie werde ich den wieder los? und weiter geht es:
__________________Code:
ATTFilter
22:27:51.0793 5128 TDSS rootkit removing tool 2.7.39.0 Jun 14 2012 08:11:46
22:27:53.0848 5128 ============================================================
22:27:53.0848 5128 Current date / time: 2012/06/14 22:27:53.0848
22:27:53.0849 5128 SystemInfo:
22:27:53.0849 5128
22:27:53.0849 5128 OS Version: 6.1.7601 ServicePack: 1.0
22:27:53.0849 5128 Product type: Workstation
22:27:53.0849 5128 ComputerName: MAHONI-PC
22:27:53.0849 5128 UserName: Mahoni
22:27:53.0849 5128 Windows directory: C:\Windows
22:27:53.0849 5128 System windows directory: C:\Windows
22:27:53.0849 5128 Processor architecture: Intel x86
22:27:53.0849 5128 Number of processors: 2
22:27:53.0849 5128 Page size: 0x1000
22:27:53.0849 5128 Boot type: Normal boot
22:27:53.0849 5128 ============================================================
22:27:55.0052 5128 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:27:55.0054 5128 ============================================================
22:27:55.0054 5128 \Device\Harddisk0\DR0:
22:27:55.0054 5128 MBR partitions:
22:27:55.0054 5128 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1964800, BlocksNum 0x3D87000
22:27:55.0054 5128 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x56EB800, BlocksNum 0x139EAE73
22:27:55.0072 5128 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x190DA56C, BlocksNum 0xC353155
22:27:55.0072 5128 ============================================================
22:27:55.0102 5128 C: <-> \Device\Harddisk0\DR0\Partition0
22:27:55.0131 5128 D: <-> \Device\Harddisk0\DR0\Partition1
22:27:55.0131 5128 ============================================================
22:27:55.0131 5128 Initialize success
22:27:55.0131 5128 ============================================================
22:28:58.0691 1372 ============================================================
22:28:58.0692 1372 Scan started
22:28:58.0692 1372 Mode: Manual; SigCheck; TDLFS;
22:28:58.0692 1372 ============================================================
22:28:59.0266 1372 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
22:28:59.0399 1372 1394ohci - ok
22:28:59.0437 1372 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
22:28:59.0460 1372 ACPI - ok
22:28:59.0487 1372 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
22:28:59.0558 1372 AcpiPmi - ok
22:28:59.0680 1372 AdobeARMservice (11a52cf7b265631deeb24c6149309eff) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:28:59.0706 1372 AdobeARMservice - ok
22:28:59.0799 1372 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:28:59.0834 1372 AdobeFlashPlayerUpdateSvc - ok
22:28:59.0903 1372 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\drivers\adp94xx.sys
22:28:59.0952 1372 adp94xx - ok
22:28:59.0996 1372 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\drivers\adpahci.sys
22:29:00.0019 1372 adpahci - ok
22:29:00.0042 1372 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\drivers\adpu320.sys
22:29:00.0058 1372 adpu320 - ok
22:29:00.0094 1372 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
22:29:00.0232 1372 AeLookupSvc - ok
22:29:00.0293 1372 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
22:29:00.0370 1372 AFD - ok
22:29:00.0477 1372 AgereSoftModem (7e10e3bb9b258ad8a9300f91214d67b9) C:\Windows\system32\DRIVERS\AGRSM.sys
22:29:00.0567 1372 AgereSoftModem - ok
22:29:00.0593 1372 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
22:29:00.0611 1372 agp440 - ok
22:29:00.0640 1372 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\drivers\djsvs.sys
22:29:00.0659 1372 aic78xx - ok
22:29:00.0704 1372 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
22:29:00.0746 1372 ALG - ok
22:29:00.0771 1372 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
22:29:00.0784 1372 aliide - ok
22:29:00.0800 1372 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
22:29:00.0814 1372 amdagp - ok
22:29:00.0819 1372 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
22:29:00.0832 1372 amdide - ok
22:29:00.0865 1372 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\drivers\amdk8.sys
22:29:00.0885 1372 AmdK8 - ok
22:29:00.0903 1372 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\drivers\amdppm.sys
22:29:00.0938 1372 AmdPPM - ok
22:29:00.0981 1372 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
22:29:00.0996 1372 amdsata - ok
22:29:01.0022 1372 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\drivers\amdsbs.sys
22:29:01.0049 1372 amdsbs - ok
22:29:01.0065 1372 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
22:29:01.0078 1372 amdxata - ok
22:29:01.0159 1372 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files\Avira\AntiVir Desktop\sched.exe
22:29:01.0201 1372 AntiVirSchedulerService - ok
22:29:01.0219 1372 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
22:29:01.0231 1372 AntiVirService - ok
22:29:01.0290 1372 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
22:29:01.0350 1372 AppID - ok
22:29:01.0386 1372 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
22:29:01.0459 1372 AppIDSvc - ok
22:29:01.0471 1372 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
22:29:01.0515 1372 Appinfo - ok
22:29:01.0575 1372 AppMgmt (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll
22:29:01.0652 1372 AppMgmt - ok
22:29:01.0701 1372 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\drivers\arc.sys
22:29:01.0720 1372 arc - ok
22:29:01.0738 1372 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\drivers\arcsas.sys
22:29:01.0756 1372 arcsas - ok
22:29:01.0776 1372 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
22:29:01.0923 1372 AsyncMac - ok
22:29:01.0940 1372 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
22:29:01.0952 1372 atapi - ok
22:29:02.0020 1372 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
22:29:02.0082 1372 AudioEndpointBuilder - ok
22:29:02.0088 1372 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
22:29:02.0119 1372 Audiosrv - ok
22:29:02.0136 1372 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS\avgntflt.sys
22:29:02.0164 1372 avgntflt - ok
22:29:02.0218 1372 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS\avipbb.sys
22:29:02.0231 1372 avipbb - ok
22:29:02.0239 1372 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
22:29:02.0250 1372 avkmgr - ok
22:29:02.0284 1372 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
22:29:02.0368 1372 AxInstSV - ok
22:29:02.0428 1372 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\drivers\bxvbdx.sys
22:29:02.0472 1372 b06bdrv - ok
22:29:02.0529 1372 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
22:29:02.0581 1372 b57nd60x - ok
22:29:02.0670 1372 BBSvc (2ed050291bc1d7f9e322e328db3aaecf) C:\Program Files\Microsoft\BingBar\BBSvc.EXE
22:29:02.0709 1372 BBSvc - ok
22:29:02.0790 1372 BBUpdate (785de7abda13309d6065305542829e76) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
22:29:02.0824 1372 BBUpdate - ok
22:29:02.0867 1372 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
22:29:02.0903 1372 BDESVC - ok
22:29:02.0939 1372 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
22:29:02.0984 1372 Beep - ok
22:29:03.0030 1372 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
22:29:03.0075 1372 BFE - ok
22:29:03.0136 1372 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll
22:29:03.0187 1372 BITS - ok
22:29:03.0207 1372 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
22:29:03.0239 1372 blbdrive - ok
22:29:03.0276 1372 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
22:29:03.0323 1372 bowser - ok
22:29:03.0353 1372 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\BrFiltLo.sys
22:29:03.0377 1372 BrFiltLo - ok
22:29:03.0389 1372 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\BrFiltUp.sys
22:29:03.0420 1372 BrFiltUp - ok
22:29:03.0446 1372 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
22:29:03.0482 1372 Browser - ok
22:29:03.0511 1372 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
22:29:03.0535 1372 Brserid - ok
22:29:03.0546 1372 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
22:29:03.0568 1372 BrSerWdm - ok
22:29:03.0580 1372 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
22:29:03.0606 1372 BrUsbMdm - ok
22:29:03.0625 1372 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
22:29:03.0654 1372 BrUsbSer - ok
22:29:03.0697 1372 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\drivers\BthEnum.sys
22:29:03.0757 1372 BthEnum - ok
22:29:03.0779 1372 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\drivers\bthmodem.sys
22:29:03.0811 1372 BTHMODEM - ok
22:29:03.0835 1372 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
22:29:03.0852 1372 BthPan - ok
22:29:03.0918 1372 BTHPORT (c2fbf6d271d9a94d839c416bf186ead9) C:\Windows\System32\Drivers\BTHport.sys
22:29:03.0965 1372 BTHPORT - ok
22:29:04.0020 1372 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
22:29:04.0055 1372 bthserv - ok
22:29:04.0093 1372 BTHUSB (c81e9413a25a439f436b1d4b6a0cf9e9) C:\Windows\System32\Drivers\BTHUSB.sys
22:29:04.0119 1372 BTHUSB - ok
22:29:04.0145 1372 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
22:29:04.0179 1372 cdfs - ok
22:29:04.0231 1372 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
22:29:04.0259 1372 cdrom - ok
22:29:04.0299 1372 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
22:29:04.0342 1372 CertPropSvc - ok
22:29:04.0372 1372 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
22:29:04.0395 1372 circlass - ok
22:29:04.0424 1372 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
22:29:04.0442 1372 CLFS - ok
22:29:04.0512 1372 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:29:04.0525 1372 clr_optimization_v2.0.50727_32 - ok
22:29:04.0605 1372 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:29:04.0640 1372 clr_optimization_v4.0.30319_32 - ok
22:29:04.0657 1372 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
22:29:04.0687 1372 CmBatt - ok
22:29:04.0704 1372 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
22:29:04.0727 1372 cmdide - ok
22:29:04.0803 1372 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
22:29:04.0859 1372 CNG - ok
22:29:04.0879 1372 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
22:29:04.0903 1372 Compbatt - ok
22:29:04.0938 1372 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\DRIVERS\CompositeBus.sys
22:29:04.0974 1372 CompositeBus - ok
22:29:04.0986 1372 COMSysApp - ok
22:29:05.0001 1372 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\drivers\crcdisk.sys
22:29:05.0014 1372 crcdisk - ok
22:29:05.0061 1372 CryptSvc (a585bebf7d054bd9618eda0922d5484a) C:\Windows\system32\cryptsvc.dll
22:29:05.0090 1372 CryptSvc - ok
22:29:05.0131 1372 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
22:29:05.0187 1372 CSC - ok
22:29:05.0240 1372 CscService (15f93b37f6801943360d9eb42485d5d3) C:\Windows\System32\cscsvc.dll
22:29:05.0276 1372 CscService - ok
22:29:05.0327 1372 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
22:29:05.0375 1372 DcomLaunch - ok
22:29:05.0401 1372 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
22:29:05.0447 1372 defragsvc - ok
22:29:05.0525 1372 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
22:29:05.0579 1372 DfsC - ok
22:29:05.0624 1372 dgderdrv (3be1651c63954067940e7f473498ad70) C:\Windows\system32\drivers\dgderdrv.sys
22:29:05.0647 1372 dgderdrv - ok
22:29:05.0684 1372 dgdersvc (10b8f89d146d0e20b1284d47bb4ec6c9) C:\Windows\system32\dgdersvc.exe
22:29:05.0695 1372 dgdersvc - ok
22:29:05.0752 1372 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
22:29:05.0851 1372 Dhcp - ok
22:29:05.0870 1372 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
22:29:05.0912 1372 discache - ok
22:29:05.0953 1372 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\drivers\disk.sys
22:29:05.0981 1372 Disk - ok
22:29:06.0025 1372 DKbFltr (c701324c9e0c25dd9d60311bd87fbc84) C:\Windows\system32\DRIVERS\DKbFltr.sys
22:29:06.0035 1372 DKbFltr - ok
22:29:06.0064 1372 dmvsc (2a958ef85db1b61ffca65044fa4bce9e) C:\Windows\system32\drivers\dmvsc.sys
22:29:06.0098 1372 dmvsc - ok
22:29:06.0127 1372 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
22:29:06.0162 1372 Dnscache - ok
22:29:06.0206 1372 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
22:29:06.0251 1372 dot3svc - ok
22:29:06.0276 1372 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
22:29:06.0353 1372 DPS - ok
22:29:06.0384 1372 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
22:29:06.0419 1372 drmkaud - ok
22:29:06.0492 1372 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
22:29:06.0539 1372 DXGKrnl - ok
22:29:06.0579 1372 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
22:29:06.0679 1372 EapHost - ok
22:29:06.0916 1372 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\drivers\evbdx.sys
22:29:07.0003 1372 ebdrv - ok
22:29:07.0131 1372 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
22:29:07.0173 1372 EFS - ok
22:29:07.0253 1372 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
22:29:07.0299 1372 ehRecvr - ok
22:29:07.0311 1372 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
22:29:07.0335 1372 ehSched - ok
22:29:07.0435 1372 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\drivers\elxstor.sys
22:29:07.0477 1372 elxstor - ok
22:29:07.0548 1372 epmntdrv (539ca34fbc74ec366a0d751028c32a08) C:\Windows\system32\epmntdrv.sys
22:29:07.0592 1372 epmntdrv ( UnsignedFile.Multi.Generic ) - warning
22:29:07.0592 1372 epmntdrv - detected UnsignedFile.Multi.Generic (1)
22:29:07.0608 1372 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
22:29:07.0641 1372 ErrDev - ok
22:29:07.0660 1372 EuGdiDrv (1f2f4ab15ce03ecc257feb2f6dc5a013) C:\Windows\system32\EuGdiDrv.sys
22:29:07.0674 1372 EuGdiDrv ( UnsignedFile.Multi.Generic ) - warning
22:29:07.0674 1372 EuGdiDrv - detected UnsignedFile.Multi.Generic (1)
22:29:07.0713 1372 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
22:29:07.0761 1372 EventSystem - ok
22:29:07.0793 1372 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
22:29:07.0836 1372 exfat - ok
22:29:07.0871 1372 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
22:29:07.0920 1372 fastfat - ok
22:29:07.0996 1372 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
22:29:08.0058 1372 Fax - ok
22:29:08.0076 1372 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\drivers\fdc.sys
22:29:08.0104 1372 fdc - ok
22:29:08.0116 1372 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
22:29:08.0159 1372 fdPHost - ok
22:29:08.0169 1372 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
22:29:08.0198 1372 FDResPub - ok
22:29:08.0222 1372 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
22:29:08.0236 1372 FileInfo - ok
22:29:08.0252 1372 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
22:29:08.0296 1372 Filetrace - ok
22:29:08.0309 1372 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\drivers\flpydisk.sys
22:29:08.0336 1372 flpydisk - ok
22:29:08.0376 1372 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
22:29:08.0402 1372 FltMgr - ok
22:29:08.0486 1372 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
22:29:08.0533 1372 FontCache - ok
22:29:08.0602 1372 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:29:08.0622 1372 FontCache3.0.0.0 - ok
22:29:08.0647 1372 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
22:29:08.0665 1372 FsDepends - ok
22:29:08.0716 1372 FsUsbExDisk (b07663a810e861eebfd0eac7e82ca62d) C:\Windows\system32\FsUsbExDisk.SYS
22:29:08.0743 1372 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
22:29:08.0743 1372 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
22:29:08.0814 1372 FsUsbExService (f96c429788350db4ba6771c3034dfd88) C:\Windows\system32\FsUsbExService.Exe
22:29:08.0854 1372 FsUsbExService ( UnsignedFile.Multi.Generic ) - warning
22:29:08.0854 1372 FsUsbExService - detected UnsignedFile.Multi.Generic (1)
22:29:08.0886 1372 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
22:29:08.0903 1372 Fs_Rec - ok
22:29:08.0949 1372 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
22:29:08.0978 1372 fvevol - ok
22:29:09.0001 1372 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\drivers\gagp30kx.sys
22:29:09.0015 1372 gagp30kx - ok
22:29:09.0079 1372 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
22:29:09.0130 1372 gpsvc - ok
22:29:09.0221 1372 gupdate (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files\Google\Update\GoogleUpdate.exe
22:29:09.0235 1372 gupdate - ok
22:29:09.0247 1372 gupdatem (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files\Google\Update\GoogleUpdate.exe
22:29:09.0257 1372 gupdatem - ok
22:29:09.0273 1372 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
22:29:09.0332 1372 hcw85cir - ok
22:29:09.0398 1372 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
22:29:09.0449 1372 HdAudAddService - ok
22:29:09.0482 1372 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\DRIVERS\HDAudBus.sys
22:29:09.0505 1372 HDAudBus - ok
22:29:09.0521 1372 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\drivers\HidBatt.sys
22:29:09.0545 1372 HidBatt - ok
22:29:09.0572 1372 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\drivers\hidbth.sys
22:29:09.0603 1372 HidBth - ok
22:29:09.0628 1372 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
22:29:09.0658 1372 HidIr - ok
22:29:09.0677 1372 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
22:29:09.0724 1372 hidserv - ok
22:29:09.0763 1372 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\drivers\hidusb.sys
22:29:09.0786 1372 HidUsb - ok
22:29:09.0813 1372 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
22:29:09.0841 1372 hkmsvc - ok
22:29:09.0868 1372 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
22:29:09.0914 1372 HomeGroupListener - ok
22:29:09.0954 1372 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
22:29:09.0998 1372 HomeGroupProvider - ok
22:29:10.0016 1372 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
22:29:10.0031 1372 HpSAMD - ok
22:29:10.0084 1372 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
22:29:10.0125 1372 HTTP - ok
22:29:10.0142 1372 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
22:29:10.0156 1372 hwpolicy - ok
22:29:10.0175 1372 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
22:29:10.0197 1372 i8042prt - ok
22:29:10.0239 1372 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
22:29:10.0272 1372 iaStorV - ok
22:29:10.0411 1372 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:29:10.0485 1372 idsvc - ok
22:29:10.0525 1372 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\drivers\iirsp.sys
22:29:10.0539 1372 iirsp - ok
22:29:10.0617 1372 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
22:29:10.0679 1372 IKEEXT - ok
22:29:10.0867 1372 IntcAzAudAddService (0557aaee4c86e2c333acd2baf42a7619) C:\Windows\system32\drivers\RTKVHDA.sys
22:29:10.0949 1372 IntcAzAudAddService - ok
22:29:11.0085 1372 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
22:29:11.0106 1372 intelide - ok
22:29:11.0131 1372 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
22:29:11.0146 1372 intelppm - ok
22:29:11.0171 1372 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
22:29:11.0200 1372 IPBusEnum - ok
22:29:11.0219 1372 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:29:11.0258 1372 IpFilterDriver - ok
22:29:11.0318 1372 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
22:29:11.0381 1372 iphlpsvc - ok
22:29:11.0388 1372 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
22:29:11.0403 1372 IPMIDRV - ok
22:29:11.0424 1372 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
22:29:11.0464 1372 IPNAT - ok
22:29:11.0483 1372 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
22:29:11.0513 1372 IRENUM - ok
22:29:11.0530 1372 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
22:29:11.0544 1372 isapnp - ok
22:29:11.0566 1372 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
22:29:11.0590 1372 iScsiPrt - ok
22:29:11.0619 1372 itecir (15f737ceda08fe6501c930682616db79) C:\Windows\system32\DRIVERS\itecir.sys
22:29:11.0665 1372 itecir - ok
22:29:11.0709 1372 JMCR (7e6a3e1cd74e8c97eed06670d2a691da) C:\Windows\system32\DRIVERS\jmcr.sys
22:29:11.0855 1372 JMCR - ok
22:29:11.0883 1372 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
22:29:11.0905 1372 kbdclass - ok
22:29:11.0941 1372 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
22:29:11.0971 1372 kbdhid - ok
22:29:12.0012 1372 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:29:12.0027 1372 KeyIso - ok
22:29:12.0038 1372 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
22:29:12.0053 1372 KSecDD - ok
22:29:12.0068 1372 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
22:29:12.0084 1372 KSecPkg - ok
22:29:12.0132 1372 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
22:29:12.0179 1372 KtmRm - ok
22:29:12.0211 1372 L1E (86d7f66ac2c0123ed81b2f3e835845c2) C:\Windows\system32\DRIVERS\L1E60x86.sys
22:29:12.0246 1372 L1E - ok
22:29:12.0291 1372 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
22:29:12.0359 1372 LanmanServer - ok
22:29:12.0400 1372 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
22:29:12.0434 1372 LanmanWorkstation - ok
22:29:12.0466 1372 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
22:29:12.0509 1372 lltdio - ok
22:29:12.0539 1372 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
22:29:12.0579 1372 lltdsvc - ok
22:29:12.0589 1372 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
22:29:12.0630 1372 lmhosts - ok
22:29:12.0673 1372 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\drivers\lsi_fc.sys
22:29:12.0713 1372 LSI_FC - ok
22:29:12.0737 1372 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\drivers\lsi_sas.sys
22:29:12.0752 1372 LSI_SAS - ok
22:29:12.0774 1372 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\drivers\lsi_sas2.sys
22:29:12.0788 1372 LSI_SAS2 - ok
22:29:12.0797 1372 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\drivers\lsi_scsi.sys
22:29:12.0812 1372 LSI_SCSI - ok
22:29:12.0831 1372 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
22:29:12.0861 1372 luafv - ok
22:29:12.0917 1372 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
22:29:12.0952 1372 MBAMProtector - ok
22:29:13.0079 1372 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
22:29:13.0116 1372 MBAMService - ok
22:29:13.0186 1372 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
22:29:13.0227 1372 McComponentHostService - ok
22:29:13.0257 1372 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
22:29:13.0278 1372 Mcx2Svc - ok
22:29:13.0302 1372 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\drivers\megasas.sys
22:29:13.0320 1372 megasas - ok
22:29:13.0366 1372 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\drivers\MegaSR.sys
22:29:13.0391 1372 MegaSR - ok
22:29:13.0438 1372 Microsoft SharePoint Workspace Audit Service - ok
22:29:13.0468 1372 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
22:29:13.0514 1372 MMCSS - ok
22:29:13.0535 1372 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
22:29:13.0574 1372 Modem - ok
22:29:13.0606 1372 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
22:29:13.0627 1372 monitor - ok
22:29:13.0646 1372 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
22:29:13.0661 1372 mouclass - ok
22:29:13.0701 1372 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
22:29:13.0745 1372 mouhid - ok
22:29:13.0771 1372 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
22:29:13.0785 1372 mountmgr - ok
22:29:13.0863 1372 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:29:13.0897 1372 MozillaMaintenance - ok
22:29:13.0919 1372 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
22:29:13.0933 1372 mpio - ok
22:29:13.0956 1372 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
22:29:13.0983 1372 mpsdrv - ok
22:29:14.0049 1372 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
22:29:14.0107 1372 MpsSvc - ok
22:29:14.0136 1372 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
22:29:14.0166 1372 MRxDAV - ok
22:29:14.0215 1372 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:29:14.0241 1372 mrxsmb - ok
22:29:14.0273 1372 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:29:14.0305 1372 mrxsmb10 - ok
22:29:14.0321 1372 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:29:14.0343 1372 mrxsmb20 - ok
22:29:14.0370 1372 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
22:29:14.0384 1372 msahci - ok
22:29:14.0407 1372 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
22:29:14.0421 1372 msdsm - ok
22:29:14.0465 1372 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
22:29:14.0500 1372 MSDTC - ok
22:29:14.0522 1372 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
22:29:14.0550 1372 Msfs - ok
22:29:14.0557 1372 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
22:29:14.0600 1372 mshidkmdf - ok
22:29:14.0611 1372 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
22:29:14.0624 1372 msisadrv - ok
22:29:14.0671 1372 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
22:29:14.0708 1372 MSiSCSI - ok
22:29:14.0712 1372 msiserver - ok
22:29:14.0731 1372 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
22:29:14.0760 1372 MSKSSRV - ok
22:29:14.0769 1372 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
22:29:14.0803 1372 MSPCLOCK - ok
22:29:14.0820 1372 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
22:29:14.0855 1372 MSPQM - ok
22:29:14.0880 1372 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
22:29:14.0895 1372 MsRPC - ok
22:29:14.0907 1372 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
22:29:14.0920 1372 mssmbios - ok
22:29:14.0924 1372 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
22:29:14.0952 1372 MSTEE - ok
22:29:14.0963 1372 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\drivers\MTConfig.sys
22:29:14.0990 1372 MTConfig - ok
22:29:15.0007 1372 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
22:29:15.0021 1372 Mup - ok
22:29:15.0060 1372 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
22:29:15.0105 1372 napagent - ok
22:29:15.0145 1372 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
22:29:15.0184 1372 NativeWifiP - ok
22:29:15.0338 1372 NAUpdate (934bb0d23a25c8c136570800a5a149b6) C:\Program Files\Nero\Update\NASvc.exe
22:29:15.0369 1372 NAUpdate - ok
22:29:15.0405 1372 NBVol (0ae25530894a934c6ca600865c6e9d7c) C:\Windows\system32\DRIVERS\NBVol.sys
22:29:15.0416 1372 NBVol - ok
22:29:15.0449 1372 NBVolUp (1ddcef3039c9d90af3529dee6699967d) C:\Windows\system32\DRIVERS\NBVolUp.sys
22:29:15.0458 1372 NBVolUp - ok
22:29:15.0546 1372 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
22:29:15.0579 1372 NDIS - ok
22:29:15.0596 1372 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
22:29:15.0630 1372 NdisCap - ok
22:29:15.0653 1372 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
22:29:15.0691 1372 NdisTapi - ok
22:29:15.0719 1372 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
22:29:15.0754 1372 Ndisuio - ok
22:29:15.0771 1372 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
22:29:15.0805 1372 NdisWan - ok
22:29:15.0820 1372 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
22:29:15.0845 1372 NDProxy - ok
22:29:15.0862 1372 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
22:29:15.0890 1372 NetBIOS - ok
22:29:15.0907 1372 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
22:29:15.0944 1372 NetBT - ok
22:29:15.0971 1372 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:29:15.0984 1372 Netlogon - ok
22:29:16.0067 1372 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
22:29:16.0120 1372 Netman - ok
22:29:16.0152 1372 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
22:29:16.0197 1372 netprofm - ok
22:29:16.0269 1372 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:29:16.0283 1372 NetTcpPortSharing - ok
22:29:16.0686 1372 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys
22:29:16.0790 1372 netw5v32 - ok
22:29:17.0051 1372 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\drivers\nfrd960.sys
22:29:17.0081 1372 nfrd960 - ok
22:29:17.0124 1372 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
22:29:17.0180 1372 NlaSvc - ok
22:29:17.0192 1372 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
22:29:17.0227 1372 Npfs - ok
22:29:17.0237 1372 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
22:29:17.0282 1372 nsi - ok
22:29:17.0295 1372 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
22:29:17.0322 1372 nsiproxy - ok
22:29:17.0459 1372 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
22:29:17.0537 1372 Ntfs - ok
22:29:17.0566 1372 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
22:29:17.0626 1372 Null - ok
22:29:18.0320 1372 nvlddmkm (646d250e731ec2ad624dcc944ac06f3d) C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:29:18.0621 1372 nvlddmkm - ok
22:29:18.0762 1372 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
22:29:18.0800 1372 nvraid - ok
22:29:18.0823 1372 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
22:29:18.0850 1372 nvstor - ok
22:29:18.0918 1372 nvsvc (03f1fc77f8477308195d19a5bf441d42) C:\Windows\system32\nvvsvc.exe
22:29:18.0956 1372 nvsvc - ok
22:29:18.0993 1372 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
22:29:19.0008 1372 nv_agp - ok
22:29:19.0028 1372 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
22:29:19.0054 1372 ohci1394 - ok
22:29:19.0135 1372 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:29:19.0175 1372 ose - ok
22:29:19.0626 1372 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:29:19.0757 1372 osppsvc - ok
22:29:19.0893 1372 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
22:29:19.0950 1372 p2pimsvc - ok
22:29:19.0987 1372 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
22:29:20.0030 1372 p2psvc - ok
22:29:20.0067 1372 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\drivers\parport.sys
22:29:20.0083 1372 Parport - ok
22:29:20.0122 1372 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
22:29:20.0136 1372 partmgr - ok
22:29:20.0148 1372 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\drivers\parvdm.sys
22:29:20.0163 1372 Parvdm - ok
22:29:20.0190 1372 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
22:29:20.0220 1372 PcaSvc - ok
22:29:20.0247 1372 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
22:29:20.0275 1372 pci - ok
22:29:20.0291 1372 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
22:29:20.0305 1372 pciide - ok
22:29:20.0334 1372 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\drivers\pcmcia.sys
22:29:20.0379 1372 pcmcia - ok
22:29:20.0394 1372 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
22:29:20.0409 1372 pcw - ok
22:29:20.0467 1372 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
22:29:20.0531 1372 PEAUTH - ok
22:29:20.0625 1372 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
22:29:20.0679 1372 PeerDistSvc - ok
22:29:20.0810 1372 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
22:29:20.0894 1372 pla - ok
22:29:21.0055 1372 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
22:29:21.0160 1372 PlugPlay - ok
22:29:21.0191 1372 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
22:29:21.0225 1372 PNRPAutoReg - ok
22:29:21.0255 1372 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
22:29:21.0272 1372 PNRPsvc - ok
22:29:21.0325 1372 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
22:29:21.0379 1372 PolicyAgent - ok
22:29:21.0410 1372 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
22:29:21.0465 1372 Power - ok
22:29:21.0525 1372 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
22:29:21.0568 1372 PptpMiniport - ok
22:29:21.0581 1372 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\drivers\processr.sys
22:29:21.0611 1372 Processor - ok
22:29:21.0652 1372 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
22:29:21.0693 1372 ProfSvc - ok
22:29:21.0718 1372 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:29:21.0732 1372 ProtectedStorage - ok
22:29:21.0757 1372 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
22:29:21.0799 1372 Psched - ok
22:29:21.0914 1372 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\drivers\ql2300.sys
22:29:21.0979 1372 ql2300 - ok
22:29:22.0222 1372 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\drivers\ql40xx.sys
22:29:22.0269 1372 ql40xx - ok
22:29:22.0300 1372 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
22:29:22.0342 1372 QWAVE - ok
22:29:22.0364 1372 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
22:29:22.0380 1372 QWAVEdrv - ok
22:29:22.0392 1372 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
22:29:22.0426 1372 RasAcd - ok
22:29:22.0466 1372 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
22:29:22.0492 1372 RasAgileVpn - ok
22:29:22.0517 1372 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
22:29:22.0559 1372 RasAuto - ok
22:29:22.0582 1372 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:29:22.0622 1372 Rasl2tp - ok
22:29:22.0658 1372 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
22:29:22.0717 1372 RasMan - ok
22:29:22.0733 1372 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
22:29:22.0762 1372 RasPppoe - ok
22:29:22.0773 1372 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
22:29:22.0813 1372 RasSstp - ok
22:29:22.0840 1372 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
22:29:22.0889 1372 rdbss - ok
22:29:22.0907 1372 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
22:29:22.0923 1372 rdpbus - ok
22:29:22.0935 1372 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:29:22.0972 1372 RDPCDD - ok
22:29:23.0009 1372 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
22:29:23.0072 1372 RDPDR - ok
22:29:23.0101 1372 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
22:29:23.0142 1372 RDPENCDD - ok
22:29:23.0164 1372 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
22:29:23.0203 1372 RDPREFMP - ok
22:29:23.0245 1372 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys
22:29:23.0281 1372 RdpVideoMiniport - ok
22:29:23.0335 1372 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys
22:29:23.0378 1372 RDPWD - ok
22:29:23.0425 1372 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
22:29:23.0452 1372 rdyboost - ok
22:29:23.0485 1372 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
22:29:23.0514 1372 RemoteAccess - ok
22:29:23.0543 1372 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
22:29:23.0575 1372 RemoteRegistry - ok
22:29:23.0613 1372 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
22:29:23.0638 1372 RFCOMM - ok
22:29:23.0665 1372 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
22:29:23.0702 1372 RpcEptMapper - ok
22:29:23.0725 1372 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
22:29:23.0746 1372 RpcLocator - ok
22:29:23.0784 1372 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
22:29:23.0816 1372 RpcSs - ok
22:29:23.0864 1372 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
22:29:23.0905 1372 rspndr - ok
22:29:23.0930 1372 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
22:29:23.0954 1372 s3cap - ok
22:29:23.0997 1372 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:29:24.0012 1372 SamSs - ok
22:29:24.0046 1372 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
22:29:24.0061 1372 sbp2port - ok
22:29:24.0077 1372 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
22:29:24.0128 1372 SCardSvr - ok
22:29:24.0144 1372 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
22:29:24.0186 1372 scfilter - ok
22:29:24.0251 1372 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
22:29:24.0311 1372 Schedule - ok
22:29:24.0409 1372 SchnapperPro-TimeSync (9e597f592ba097ad150d71f082a6286b) C:\Program Files\SchnapperPro\TimeSync.exe
22:29:24.0430 1372 SchnapperPro-TimeSync - ok
22:29:24.0456 1372 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
22:29:24.0489 1372 SCPolicySvc - ok
22:29:24.0511 1372 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
22:29:24.0575 1372 SDRSVC - ok
22:29:24.0606 1372 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
22:29:24.0635 1372 secdrv - ok
22:29:24.0653 1372 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
22:29:24.0692 1372 seclogon - ok
22:29:24.0708 1372 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
22:29:24.0745 1372 SENS - ok
22:29:24.0765 1372 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
22:29:24.0788 1372 SensrSvc - ok
22:29:24.0802 1372 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\drivers\serenum.sys
22:29:24.0817 1372 Serenum - ok
22:29:24.0833 1372 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\drivers\serial.sys
22:29:24.0862 1372 Serial - ok
22:29:24.0877 1372 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\drivers\sermouse.sys
22:29:24.0891 1372 sermouse - ok
22:29:24.0919 1372 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
22:29:24.0973 1372 SessionEnv - ok
22:29:24.0983 1372 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
22:29:25.0006 1372 sffdisk - ok
22:29:25.0010 1372 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
22:29:25.0026 1372 sffp_mmc - ok
22:29:25.0042 1372 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
22:29:25.0066 1372 sffp_sd - ok
22:29:25.0078 1372 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\drivers\sfloppy.sys
22:29:25.0104 1372 sfloppy - ok
22:29:25.0142 1372 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
22:29:25.0208 1372 SharedAccess - ok
22:29:25.0247 1372 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
22:29:25.0306 1372 ShellHWDetection - ok
22:29:25.0320 1372 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
22:29:25.0335 1372 sisagp - ok
22:29:25.0361 1372 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\drivers\SiSRaid2.sys
22:29:25.0375 1372 SiSRaid2 - ok
22:29:25.0398 1372 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\drivers\sisraid4.sys
22:29:25.0413 1372 SiSRaid4 - ok
22:29:25.0456 1372 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
22:29:25.0491 1372 Smb - ok
22:29:25.0528 1372 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
22:29:25.0545 1372 SNMPTRAP - ok
22:29:25.0554 1372 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
22:29:25.0567 1372 spldr - ok
22:29:25.0599 1372 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
22:29:25.0644 1372 Spooler - ok
22:29:25.0886 1372 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
22:29:25.0980 1372 sppsvc - ok
22:29:26.0100 1372 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
22:29:26.0165 1372 sppuinotify - ok
22:29:26.0222 1372 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
22:29:26.0273 1372 srv - ok
22:29:26.0315 1372 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
22:29:26.0352 1372 srv2 - ok
22:29:26.0371 1372 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
22:29:26.0397 1372 srvnet - ok
22:29:26.0441 1372 ssadbus (6d83ff6722baf7e82a4521dbec363e5a) C:\Windows\system32\DRIVERS\ssadbus.sys
22:29:26.0482 1372 ssadbus - ok
22:29:26.0544 1372 ssadmdfl (5ae42e90f99749e0e35b9989a2d0275c) C:\Windows\system32\DRIVERS\ssadmdfl.sys
22:29:26.0579 1372 ssadmdfl - ok
22:29:26.0622 1372 ssadmdm (9285d8aba50a4d6482b1574448f9eb76) C:\Windows\system32\DRIVERS\ssadmdm.sys
22:29:26.0640 1372 ssadmdm - ok
22:29:26.0679 1372 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
22:29:26.0721 1372 SSDPSRV - ok
22:29:26.0744 1372 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
22:29:26.0754 1372 ssmdrv - ok
22:29:26.0774 1372 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
22:29:26.0817 1372 SstpSvc - ok
22:29:26.0838 1372 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\drivers\stexstor.sys
22:29:26.0852 1372 stexstor - ok
22:29:26.0909 1372 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
22:29:26.0944 1372 StiSvc - ok
22:29:26.0965 1372 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
22:29:26.0978 1372 storflt - ok
22:29:27.0002 1372 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
22:29:27.0016 1372 storvsc - ok
22:29:27.0028 1372 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
22:29:27.0041 1372 swenum - ok
22:29:27.0233 1372 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
22:29:27.0272 1372 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
22:29:27.0272 1372 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
22:29:27.0326 1372 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
22:29:27.0384 1372 swprv - ok
22:29:27.0412 1372 Synth3dVsc (f2ad8960812fd111e20e84659ef19d43) C:\Windows\system32\drivers\synth3dvsc.sys
22:29:27.0426 1372 Synth3dVsc - ok
22:29:27.0470 1372 SynTP (93d33a3a0a4516584a1394c7821bae2e) C:\Windows\system32\DRIVERS\SynTP.sys
22:29:27.0493 1372 SynTP - ok
22:29:27.0598 1372 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
22:29:27.0681 1372 SysMain - ok
22:29:27.0699 1372 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
22:29:27.0735 1372 TabletInputService - ok
22:29:27.0774 1372 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
22:29:27.0817 1372 TapiSrv - ok
22:29:27.0836 1372 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
22:29:27.0868 1372 TBS - ok
22:29:28.0033 1372 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
22:29:28.0099 1372 Tcpip - ok
22:29:28.0120 1372 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
22:29:28.0155 1372 TCPIP6 - ok
22:29:28.0185 1372 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
22:29:28.0228 1372 tcpipreg - ok
22:29:28.0244 1372 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
22:29:28.0257 1372 TDPIPE - ok
22:29:28.0289 1372 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
22:29:28.0304 1372 TDTCP - ok
22:29:28.0321 1372 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
22:29:28.0351 1372 tdx - ok
22:29:28.0374 1372 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\DRIVERS\termdd.sys
22:29:28.0388 1372 TermDD - ok
22:29:28.0413 1372 terminpt (052306fd76793d5d5ab5d9891fd1adbb) C:\Windows\system32\drivers\terminpt.sys
22:29:28.0448 1372 terminpt - ok
22:29:28.0502 1372 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
22:29:28.0549 1372 TermService - ok
22:29:28.0567 1372 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
22:29:28.0603 1372 Themes - ok
22:29:28.0633 1372 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
22:29:28.0665 1372 THREADORDER - ok
22:29:28.0684 1372 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
22:29:28.0725 1372 TrkWks - ok
22:29:28.0776 1372 truecrypt (746b8cf9cededdd865472544edf626da) C:\Windows\system32\drivers\truecrypt.sys
22:29:28.0801 1372 truecrypt - ok
22:29:28.0859 1372 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
22:29:28.0903 1372 TrustedInstaller - ok
22:29:28.0918 1372 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:29:28.0953 1372 tssecsrv - ok
22:29:28.0966 1372 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
22:29:29.0000 1372 TsUsbFlt - ok
22:29:29.0029 1372 TsUsbGD (01246f0baad7b68ec0f472aa41e33282) C:\Windows\system32\drivers\TsUsbGD.sys
22:29:29.0056 1372 TsUsbGD - ok
22:29:29.0080 1372 tsusbhub (045acb987c650d8186c6b4a692223860) C:\Windows\system32\drivers\tsusbhub.sys
22:29:29.0103 1372 tsusbhub - ok
22:29:29.0139 1372 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
22:29:29.0167 1372 tunnel - ok
22:29:29.0179 1372 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\drivers\uagp35.sys
22:29:29.0193 1372 uagp35 - ok
22:29:29.0215 1372 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
22:29:29.0257 1372 udfs - ok
22:29:29.0288 1372 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
22:29:29.0311 1372 UI0Detect - ok
22:29:29.0335 1372 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
22:29:29.0349 1372 uliagpkx - ok
22:29:29.0377 1372 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
22:29:29.0392 1372 umbus - ok
22:29:29.0404 1372 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\drivers\umpass.sys
22:29:29.0426 1372 UmPass - ok
22:29:29.0462 1372 UmRdpService (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll
22:29:29.0502 1372 UmRdpService - ok
22:29:29.0549 1372 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
22:29:29.0600 1372 upnphost - ok
22:29:29.0617 1372 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
22:29:29.0640 1372 usbccgp - ok
22:29:29.0660 1372 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
22:29:29.0676 1372 usbcir - ok
22:29:29.0702 1372 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
22:29:29.0723 1372 usbehci - ok
22:29:29.0783 1372 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
22:29:29.0829 1372 usbhub - ok
22:29:29.0841 1372 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
22:29:29.0869 1372 usbohci - ok
22:29:29.0884 1372 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
22:29:29.0921 1372 usbprint - ok
22:29:29.0969 1372 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
22:29:29.0994 1372 usbscan - ok
22:29:30.0038 1372 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:29:30.0087 1372 USBSTOR - ok
22:29:30.0098 1372 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
22:29:30.0124 1372 usbuhci - ok
22:29:30.0175 1372 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\system32\Drivers\usbvideo.sys
22:29:30.0227 1372 usbvideo - ok
22:29:30.0249 1372 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
22:29:30.0315 1372 UxSms - ok
22:29:30.0345 1372 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:29:30.0359 1372 VaultSvc - ok
22:29:30.0395 1372 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
22:29:30.0409 1372 vdrvroot - ok
22:29:30.0454 1372 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
22:29:30.0507 1372 vds - ok
22:29:30.0529 1372 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
22:29:30.0555 1372 vga - ok
22:29:30.0569 1372 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
22:29:30.0596 1372 VgaSave - ok
22:29:30.0600 1372 VGPU - ok
22:29:30.0628 1372 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
22:29:30.0656 1372 vhdmp - ok
22:29:30.0676 1372 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
22:29:30.0690 1372 viaagp - ok
22:29:30.0701 1372 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\drivers\viac7.sys
22:29:30.0730 1372 ViaC7 - ok
22:29:30.0742 1372 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
22:29:30.0755 1372 viaide - ok
22:29:30.0789 1372 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
22:29:30.0817 1372 vmbus - ok
22:29:30.0829 1372 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
22:29:30.0857 1372 VMBusHID - ok
22:29:30.0879 1372 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
22:29:30.0893 1372 volmgr - ok
22:29:30.0932 1372 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
22:29:30.0955 1372 volmgrx - ok
22:29:30.0981 1372 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
22:29:31.0005 1372 volsnap - ok
22:29:31.0058 1372 vpcbus (33e74df34753fcaab06f6f2bdc8cabf5) C:\Windows\system32\DRIVERS\vpchbus.sys
22:29:31.0102 1372 vpcbus - ok
22:29:31.0134 1372 vpcnfltr (5f04362ceb5fb5901037e9d9eadd3760) C:\Windows\system32\DRIVERS\vpcnfltr.sys
22:29:31.0148 1372 vpcnfltr - ok
22:29:31.0170 1372 vpcusb (625088d6ee9ede977fd03cf18d1cd5c5) C:\Windows\system32\DRIVERS\vpcusb.sys
22:29:31.0185 1372 vpcusb - ok
22:29:31.0237 1372 vpcvmm (5ed378d91e32134f3c0b3810860ffd71) C:\Windows\system32\drivers\vpcvmm.sys
22:29:31.0256 1372 vpcvmm - ok
22:29:31.0294 1372 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\drivers\vsmraid.sys
22:29:31.0321 1372 vsmraid - ok
22:29:31.0438 1372 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
22:29:31.0504 1372 VSS - ok
22:29:31.0514 1372 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
22:29:31.0530 1372 vwifibus - ok
22:29:31.0576 1372 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
22:29:31.0638 1372 W32Time - ok
22:29:31.0664 1372 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\drivers\wacompen.sys
22:29:31.0685 1372 WacomPen - ok
22:29:31.0712 1372 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
22:29:31.0747 1372 WANARP - ok
22:29:31.0750 1372 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
22:29:31.0776 1372 Wanarpv6 - ok
22:29:31.0878 1372 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
22:29:31.0944 1372 wbengine - ok
22:29:31.0965 1372 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
22:29:32.0014 1372 WbioSrvc - ok
22:29:32.0047 1372 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
22:29:32.0089 1372 wcncsvc - ok
22:29:32.0105 1372 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
22:29:32.0144 1372 WcsPlugInService - ok
22:29:32.0299 1372 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\drivers\wd.sys
22:29:32.0349 1372 Wd - ok
22:29:32.0390 1372 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
22:29:32.0422 1372 Wdf01000 - ok
22:29:32.0436 1372 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
22:29:32.0495 1372 WdiServiceHost - ok
22:29:32.0498 1372 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
22:29:32.0517 1372 WdiSystemHost - ok
22:29:32.0547 1372 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
22:29:32.0586 1372 WebClient - ok
22:29:32.0609 1372 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
22:29:32.0651 1372 Wecsvc - ok
22:29:32.0662 1372 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
22:29:32.0690 1372 wercplsupport - ok
22:29:32.0718 1372 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
22:29:32.0748 1372 WerSvc - ok
22:29:32.0771 1372 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
22:29:32.0798 1372 WfpLwf - ok
22:29:32.0826 1372 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
22:29:32.0839 1372 WIMMount - ok
22:29:32.0934 1372 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
22:29:32.0995 1372 WinDefend - ok
22:29:33.0001 1372 WinHttpAutoProxySvc - ok
22:29:33.0064 1372 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
22:29:33.0104 1372 Winmgmt - ok
22:29:33.0222 1372 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
22:29:33.0301 1372 WinRM - ok
22:29:33.0376 1372 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
22:29:33.0414 1372 WinUsb - ok
22:29:33.0495 1372 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
22:29:33.0546 1372 Wlansvc - ok
22:29:33.0784 1372 wlidsvc (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:29:33.0849 1372 wlidsvc - ok
22:29:33.0988 1372 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
22:29:34.0023 1372 WmiAcpi - ok
22:29:34.0090 1372 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
22:29:34.0138 1372 wmiApSrv - ok
22:29:34.0301 1372 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
22:29:34.0415 1372 WMPNetworkSvc - ok
22:29:34.0452 1372 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
22:29:34.0502 1372 WPCSvc - ok
22:29:34.0521 1372 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
22:29:34.0554 1372 WPDBusEnum - ok
22:29:34.0611 1372 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
22:29:34.0679 1372 ws2ifsl - ok
22:29:34.0704 1372 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll
22:29:34.0724 1372 wscsvc - ok
22:29:34.0728 1372 WSearch - ok
22:29:34.0882 1372 wuauserv (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll
22:29:34.0954 1372 wuauserv - ok
22:29:35.0096 1372 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
22:29:35.0175 1372 WudfPf - ok
22:29:35.0213 1372 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:29:35.0268 1372 WUDFRd - ok
22:29:35.0299 1372 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
22:29:35.0327 1372 wudfsvc - ok
22:29:35.0357 1372 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
22:29:35.0394 1372 WwanSvc - ok
22:29:35.0430 1372 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
22:29:36.0183 1372 \Device\Harddisk0\DR0 - ok
22:29:36.0190 1372 Boot (0x1200) (2c8777f074e44f85b93711660885104c) \Device\Harddisk0\DR0\Partition0
22:29:36.0193 1372 \Device\Harddisk0\DR0\Partition0 - ok
22:29:36.0227 1372 Boot (0x1200) (55772123ee310ce4dc95a9e9b9ab51c2) \Device\Harddisk0\DR0\Partition1
22:29:36.0229 1372 \Device\Harddisk0\DR0\Partition1 - ok
22:29:36.0247 1372 Boot (0x1200) (0552523d46ad781f3488040e8d4e10cd) \Device\Harddisk0\DR0\Partition2
22:29:36.0247 1372 \Device\Harddisk0\DR0\Partition2 - ok
22:29:36.0247 1372 ============================================================
22:29:36.0247 1372 Scan finished
22:29:36.0247 1372 ============================================================
22:29:36.0268 4972 Detected object count: 5
22:29:36.0268 4972 Actual detected object count: 5
22:29:49.0873 4972 epmntdrv ( UnsignedFile.Multi.Generic ) - skipped by user
22:29:49.0873 4972 epmntdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:29:49.0874 4972 EuGdiDrv ( UnsignedFile.Multi.Generic ) - skipped by user
22:29:49.0874 4972 EuGdiDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:29:49.0875 4972 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
22:29:49.0875 4972 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:29:49.0877 4972 FsUsbExService ( UnsignedFile.Multi.Generic ) - skipped by user
22:29:49.0877 4972 FsUsbExService ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:29:49.0879 4972 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
22:29:49.0879 4972 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
Toni |
|
15.06.2012, 14:03
| #18 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Avira meldet spy.banker.gen - Wie werde ich den wieder los? Dann bitte jetzt CF ausführen:
__________________ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ |
|
15.06.2012, 18:44
| #19 |
| | Avira meldet spy.banker.gen - Wie werde ich den wieder los? Combofix ausgeführt und folgendes log erzeugt: [code] Combofix Logfile: Code:
ATTFilter ComboFix 12-06-15.03 - Mahoni 15.06.2012 19:09:00.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.3070.1448 [GMT 2:00]
ausgeführt von:: c:\users\Mahoni\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Mahoni\AppData\Roaming\AcroIEHelpe.txt
c:\users\Mahoni\AppData\Roaming\srvblck5.tmp
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-05-15 bis 2012-06-15 ))))))))))))))))))))))))))))))
.
.
2012-06-15 17:34 . 2012-06-15 17:34 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AEA497CE-3F8E-4BE8-A1CF-7BB226788824}\offreg.dll
2012-06-15 17:00 . 2012-05-08 16:40 6737808 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AEA497CE-3F8E-4BE8-A1CF-7BB226788824}\mpengine.dll
2012-06-14 20:54 . 2012-06-14 21:57 -------- d-----w- c:\users\Mahoni\AppData\Roaming\vlc
2012-06-12 19:16 . 2012-06-12 19:16 -------- d-----w- C:\_OTL
2012-06-08 21:21 . 2012-06-08 21:21 -------- d-----w- c:\program files\ESET
2012-06-03 14:34 . 2012-06-03 14:34 -------- d-----w- c:\users\Michaela\AppData\Local\PhotoDose
2012-06-01 05:38 . 2012-06-01 05:38 -------- d-----w- c:\users\Mahoni\AppData\Local\ElevatedDiagnostics
2012-05-31 21:13 . 2012-05-31 21:13 -------- d-----w- c:\users\Mahoni\AppData\Roaming\Malwarebytes
2012-05-31 21:13 . 2012-05-31 21:13 -------- d-----w- c:\programdata\Malwarebytes
2012-05-31 21:13 . 2012-05-31 21:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-05-31 21:13 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-05-31 17:06 . 2012-05-31 17:06 -------- d-----w- c:\users\Mahoni\AppData\Roaming\12011
2012-05-29 21:58 . 2012-05-29 21:58 -------- d-----w- c:\users\Mahoni\AppData\Roaming\TeamViewer
2012-05-22 19:20 . 2012-05-22 19:20 -------- d-----w- c:\users\Mahoni\AppData\Roaming\12010
2012-05-21 19:29 . 2012-05-21 19:29 -------- d-----w- c:\users\Mahoni\AppData\Roaming\12009
2012-05-17 13:33 . 2012-05-17 13:33 -------- d-----w- c:\users\Mahoni\AppData\Roaming\12008
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-08 19:55 . 2011-12-02 20:18 83392 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-05-08 19:55 . 2011-12-02 20:18 137928 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-05-07 05:32 . 2012-04-11 08:36 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-07 05:32 . 2011-12-01 22:17 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-31 04:39 . 2012-05-09 05:26 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-03-31 04:39 . 2012-05-09 05:26 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-31 02:36 . 2012-05-09 05:26 2343424 ----a-w- c:\windows\system32\win32k.sys
2012-03-30 10:23 . 2012-05-09 17:36 1291632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-13 19:02 . 2011-12-01 21:59 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2010-09-06 3365176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-08-12 6265376]
"Skytel"="Skytel.exe" [2008-08-12 1833504]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-06 13797920]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-04 1037608]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-05-08 348624]
"LManager"="c:\program files\Launch Manager\LManager.exe" [2009-11-23 1115728]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"NBAgent"="c:\program files\Nero\Nero 11\Nero BackItUp\NBAgent.exe" [2011-11-18 1492264]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 13:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update-Dienst (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2012-04-26 116648]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-07 257696]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-07-07 195336]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-07-29 14216]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-07-29 8456]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2012-04-26 116648]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2011-12-01 85136]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-13 129976]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2010-07-20 96488]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2010-07-20 12776]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2010-07-20 121576]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-20 77184]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-20 25600]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [2011-12-01 56496]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [2011-12-01 12464]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-10-19 36000]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]
S2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [2011-06-15 249648]
S2 dgdersvc;Device Error Recovery Service;c:\windows\system32\dgdersvc.exe [2010-09-06 95568]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-09-06 217088]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2011-11-25 687400]
S2 SchnapperPro-TimeSync;SchnapperPro-TimeSync;c:\program files\SchnapperPro\TimeSync.exe [2007-08-30 45664]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2010-09-06 18120]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-09-06 36640]
S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2009-03-09 56320]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 22344]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000-Serie - Adaptertreiber für Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - FSUSBEXDISK
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2012-06-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 05:32]
.
2012-06-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-04-26 18:37]
.
2012-06-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-04-26 18:37]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page =
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: An SchnapperPro senden - hxxp://www.sniper-tool.de/SchnapperPro/IE-MenuExt.html
IE: Free YouTube to MP3 Converter - c:\users\Mahoni\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Mahoni\AppData\Roaming\Mozilla\Firefox\Profiles\ab1z9gm4.default\
FF - prefs.js: browser.search.selectedEngine -
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
WebBrowser-{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B} - (no file)
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-12_Symbian_USB_Download_Driver - c:\program files\Samsung\USB Drivers\12_Symbian_USB_Download_Driver\Uninstall.exe
AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\program files\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conhost.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-06-15 19:38:09 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-06-15 17:38
.
Vor Suchlauf: 1.845.800.960 Bytes frei
Nach Suchlauf: 1.725.820.928 Bytes frei
.
- - End Of File - - A42EBA6928F6BA4D68E90BC2AB794F47
|
|
17.06.2012, 21:11
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Avira meldet spy.banker.gen - Wie werde ich den wieder los? Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
25.06.2012, 21:21
| #21 |
| | Avira meldet spy.banker.gen - Wie werde ich den wieder los? Osam Code:
ATTFilter OSAM Logfile: [code] GMER Logfile: Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-06-25 22:19:22
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4 WDC_WD3200BEVT-22ZCT0 rev.11.01A11
Running: g3ipx4jp.exe; Driver: C:\Users\Mahoni\AppData\Local\Temp\axdiypog.sys
---- System - GMER 1.0.15 ----
SSDT 906C8076 ZwCreateSection
SSDT 906C8080 ZwRequestWaitReplyPort
SSDT 906C807B ZwSetContextThread
SSDT 906C8085 ZwSetSecurityObject
SSDT 906C808A ZwSystemDebugControl
SSDT 906C8017 ZwTerminateProcess
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!ZwRollbackEnlistment + 140D 82C933C9 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82CCCD52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!KeRemoveQueueEx + 11F7 82CD3EAC 4 Bytes [76, 80, 6C, 90] {JBE 0xffffffffffffff82; INSB ; NOP }
.text ntkrnlpa.exe!KeRemoveQueueEx + 1553 82CD4208 4 Bytes [80, 80, 6C, 90]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1597 82CD424C 4 Bytes [7B, 80, 6C, 90] {JNP 0xffffffffffffff82; INSB ; NOP }
.text ntkrnlpa.exe!KeRemoveQueueEx + 1613 82CD42C8 4 Bytes [85, 80, 6C, 90]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1667 82CD431C 4 Bytes [8A, 80, 6C, 90]
.text ...
---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\Mozilla Firefox\firefox.exe[3376] ntdll.dll!LdrLoadDll 7736223E 5 Bytes JMP 6459C930 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3376] kernel32.dll!MapViewOfFile 758793DB 5 Bytes JMP 647CE083 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3376] kernel32.dll!VirtualAlloc 7587C43A 5 Bytes JMP 647CE0AA C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3376] GDI32.dll!CreateDIBSection 75A58850 5 Bytes JMP 647CE00D C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[4004] USER32.dll!SetWindowLongA 75E08BA3 5 Bytes JMP 64925EE6 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[4004] USER32.dll!SetWindowLongW 75E14449 5 Bytes JMP 64925E78 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[4004] USER32.dll!GetWindowInfo 75E14B5E 5 Bytes JMP 64714822 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[4004] USER32.dll!TrackPopupMenu 75E22228 5 Bytes JMP 64714DD6 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernelmodustreiber-Frameworklaufzeit/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Kernelmodustreiber-Frameworklaufzeit/Microsoft Corporation)
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy5 NBVolUp.sys (Nero Backup Volume Upper Filter Driver for the Disk Stack/Nero AG)
Device \Driver\ACPI_HAL \Device\00000052 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001fe1f53f1a
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001fe1f53f1a (not active ControlSet)
---- Files - GMER 1.0.15 ----
File C:\Windows\SoftwareDistribution\Download\c258220709b3077a8dec20c4a382b934220a50a0 287264 bytes executable
---- EOF - GMER 1.0.15 ----
Vielen Dank Toni |
|
26.06.2012, 09:29
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Avira meldet spy.banker.gen - Wie werde ich den wieder los? Was ist mit aswMBR?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
26.06.2012, 20:30
| #23 |
| | Avira meldet spy.banker.gen - Wie werde ich den wieder los? hier ist es: Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-06-25 22:53:09
-----------------------------
22:53:09.623 OS Version: Windows 6.1.7601 Service Pack 1
22:53:09.623 Number of processors: 2 586 0x1706
22:53:09.625 ComputerName: MAHONI-PC UserName: Mahoni
22:53:10.363 Initialize success
22:53:15.152 AVAST engine defs: 12062500
22:53:24.878 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
22:53:24.880 Disk 0 Vendor: WDC_WD3200BEVT-22ZCT0 11.01A11 Size: 305245MB BusType: 11
22:53:24.932 Disk 0 MBR read successfully
22:53:24.935 Disk 0 MBR scan
22:53:24.942 Disk 0 Windows 7 default MBR code
22:53:24.958 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 13000 MB offset 2048
22:53:25.011 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 31502 MB offset 26626048
22:53:25.039 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 160725 MB offset 91142144
22:53:25.046 Disk 0 Partition - 00 0F Extended LBA 100006 MB offset 420324653
22:53:25.069 Disk 0 Partition 4 00 07 HPFS/NTFS 100006 MB offset 420324716
22:53:25.131 Disk 0 scanning sectors +625137345
22:53:25.334 Disk 0 scanning C:\Windows\system32\drivers
22:54:28.225 Service scanning
22:54:53.478 Modules scanning
22:55:30.622 Disk 0 trace - called modules:
22:55:30.691 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll PCIIDEX.SYS msahci.sys
22:55:30.702 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x861d4460]
22:55:30.713 3 CLASSPNP.SYS[8b38759e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0x85c9c908]
22:55:30.724 Scan finished successfully
07:19:58.997 Disk 0 MBR has been saved successfully to "C:\Users\Mahoni\Desktop\MBR.dat"
07:19:59.005 The log file has been saved successfully to "C:\Users\Mahoni\Desktop\aswMBR.txt"
|
|
27.06.2012, 12:18
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Avira meldet spy.banker.gen - Wie werde ich den wieder los? Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.06.2012, 06:17
| #25 |
| | Avira meldet spy.banker.gen - Wie werde ich den wieder los?Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 06/28/2012 at 10:18 PM
Application Version : 5.5.1006
Core Rules Database Version : 8816
Trace Rules Database Version: 6628
Scan type : Complete Scan
Total Scan Time : 01:29:43
Operating System Information
Windows 7 Ultimate 32-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User
Memory items scanned : 834
Memory threats detected : 0
Registry items scanned : 35685
Registry threats detected : 0
File items scanned : 136184
File threats detected : 474
Adware.Tracking Cookie
C:\Users\Mahoni\AppData\Roaming\Microsoft\Windows\Cookies\00TSGRZG.txt [ /adbrite.com ]
C:\Users\Mahoni\AppData\Roaming\Microsoft\Windows\Cookies\74K1QNT0.txt [ /adform.net ]
C:\Users\Mahoni\AppData\Roaming\Microsoft\Windows\Cookies\1CNJ85NR.txt [ /c.atdmt.com ]
C:\Users\Mahoni\AppData\Roaming\Microsoft\Windows\Cookies\LA0ZQCIZ.txt [ /ad.dyntracker.de ]
C:\Users\Mahoni\AppData\Roaming\Microsoft\Windows\Cookies\07PW1SH0.txt [ /atdmt.com ]
C:\Users\Mahoni\AppData\Roaming\Microsoft\Windows\Cookies\94XZIUYA.txt [ /invitemedia.com ]
C:\Users\Mahoni\AppData\Roaming\Microsoft\Windows\Cookies\ISHCBQ41.txt [ /ad2.adfarm1.adition.com ]
C:\Users\Mahoni\AppData\Roaming\Microsoft\Windows\Cookies\NHONPZST.txt [ /track.adform.net ]
C:\Users\Mahoni\AppData\Roaming\Microsoft\Windows\Cookies\W31203SE.txt [ /mediaplex.com ]
C:\Users\Mahoni\AppData\Roaming\Microsoft\Windows\Cookies\OC8DIUIA.txt [ /tracking.quisma.com ]
C:\Users\Mahoni\AppData\Roaming\Microsoft\Windows\Cookies\BQWCM1LX.txt [ /adfarm1.adition.com ]
C:\Users\Mahoni\AppData\Roaming\Microsoft\Windows\Cookies\02TUGSWJ.txt [ /bs.serving-sys.com ]
C:\Users\Mahoni\AppData\Roaming\Microsoft\Windows\Cookies\JRG7HY3J.txt [ /apmebf.com ]
C:\Users\Mahoni\AppData\Roaming\Microsoft\Windows\Cookies\NVNCC0QO.txt [ /zanox.com ]
C:\Users\Mahoni\AppData\Roaming\Microsoft\Windows\Cookies\105ZGFUP.txt [ /smartadserver.com ]
C:\Users\Mahoni\AppData\Roaming\Microsoft\Windows\Cookies\FZBG49IP.txt [ /www.etracker.de ]
C:\Users\Mahoni\AppData\Roaming\Microsoft\Windows\Cookies\D5VGPRS9.txt [ /eas.apm.emediate.eu ]
C:\Users\Mahoni\AppData\Roaming\Microsoft\Windows\Cookies\Y8HP96Q1.txt [ /www.zanox-affiliate.de ]
C:\Users\Mahoni\AppData\Roaming\Microsoft\Windows\Cookies\5UJT5DZQ.txt [ /dyntracker.com ]
C:\Users\Mahoni\AppData\Roaming\Microsoft\Windows\Cookies\I2CCNK2Q.txt [ /ad.yieldmanager.com ]
C:\Users\Mahoni\AppData\Roaming\Microsoft\Windows\Cookies\3MLCSLK8.txt [ /imrworldwide.com ]
C:\Users\Mahoni\AppData\Roaming\Microsoft\Windows\Cookies\R4X939MM.txt [ /fastclick.net ]
C:\Users\Mahoni\AppData\Roaming\Microsoft\Windows\Cookies\2S4J2F27.txt [ /ad.zanox.com ]
C:\Users\Mahoni\AppData\Roaming\Microsoft\Windows\Cookies\F0JUVFU2.txt [ /2o7.net ]
C:\Users\Mahoni\AppData\Roaming\Microsoft\Windows\Cookies\VX3FY0GV.txt [ /zanox-affiliate.de ]
C:\Users\Mahoni\AppData\Roaming\Microsoft\Windows\Cookies\NU1D9TDH.txt [ /doubleclick.net ]
C:\Users\Mahoni\AppData\Roaming\Microsoft\Windows\Cookies\D6Q9ZDXC.txt [ /serving-sys.com ]
C:\USERS\MAHONI\AppData\Roaming\Microsoft\Windows\Cookies\Low\BBC26SGV.txt [ Cookie:mahoni@msnportal.112.2o7.net/ ]
C:\USERS\MAHONI\AppData\Roaming\Microsoft\Windows\Cookies\Low\N88VC2X9.txt [ Cookie:mahoni@atdmt.com/ ]
C:\USERS\MAHONI\AppData\Roaming\Microsoft\Windows\Cookies\Low\M7I8F70W.txt [ Cookie:mahoni@adxpose.com/ ]
C:\USERS\MAHONI\AppData\Roaming\Microsoft\Windows\Cookies\Low\7083OZTO.txt [ Cookie:mahoni@c.atdmt.com/ ]
C:\USERS\MAHONI\AppData\Roaming\Microsoft\Windows\Cookies\Low\HGL84F9Y.txt [ Cookie:mahoni@media6degrees.com/ ]
C:\USERS\MAHONI\AppData\Roaming\Microsoft\Windows\Cookies\Low\24VVF91R.txt [ Cookie:mahoni@revsci.net/ ]
C:\USERS\MAHONI\AppData\Roaming\Microsoft\Windows\Cookies\Low\5C7U280Y.txt [ Cookie:mahoni@mediaplex.com/ ]
C:\USERS\MAHONI\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZOF12FPT.txt [ Cookie:mahoni@adfarm1.adition.com/ ]
C:\USERS\MAHONI\AppData\Roaming\Microsoft\Windows\Cookies\Low\629AG5N3.txt [ Cookie:mahoni@edates.traffective-tracking.com/ ]
C:\USERS\MAHONI\AppData\Roaming\Microsoft\Windows\Cookies\Low\D0IYS8T8.txt [ Cookie:mahoni@bs.serving-sys.com/ ]
C:\USERS\MAHONI\AppData\Roaming\Microsoft\Windows\Cookies\Low\SIS8538T.txt [ Cookie:mahoni@lucidmedia.com/ ]
C:\USERS\MAHONI\AppData\Roaming\Microsoft\Windows\Cookies\Low\J9A30TWG.txt [ Cookie:mahoni@apmebf.com/ ]
C:\USERS\MAHONI\AppData\Roaming\Microsoft\Windows\Cookies\Low\BC3TSOP0.txt [ Cookie:mahoni@ad1.adfarm1.adition.com/ ]
C:\USERS\MAHONI\AppData\Roaming\Microsoft\Windows\Cookies\Low\AS4V08WZ.txt [ Cookie:mahoni@tradedoubler.com/ ]
C:\USERS\MAHONI\AppData\Roaming\Microsoft\Windows\Cookies\Low\852QAZY1.txt [ Cookie:mahoni@webmasterplan.com/ ]
C:\USERS\MAHONI\AppData\Roaming\Microsoft\Windows\Cookies\Low\B6PJPNGR.txt [ Cookie:mahoni@ad.yieldmanager.com/ ]
C:\USERS\MAHONI\AppData\Roaming\Microsoft\Windows\Cookies\Low\5JU88MF2.txt [ Cookie:mahoni@fastclick.net/ ]
C:\USERS\MAHONI\AppData\Roaming\Microsoft\Windows\Cookies\Low\mahoni@2o7[1].txt [ Cookie:mahoni@2o7.net/ ]
C:\USERS\MAHONI\AppData\Roaming\Microsoft\Windows\Cookies\Low\771QHB64.txt [ Cookie:mahoni@questionmarket.com/ ]
C:\USERS\MAHONI\AppData\Roaming\Microsoft\Windows\Cookies\Low\U3DEQPAZ.txt [ Cookie:mahoni@ru4.com/ ]
C:\USERS\MAHONI\AppData\Roaming\Microsoft\Windows\Cookies\Low\T8CZRPS5.txt [ Cookie:mahoni@doubleclick.net/ ]
C:\USERS\MAHONI\Cookies\00TSGRZG.txt [ Cookie:mahoni@adbrite.com/ ]
C:\USERS\MAHONI\Cookies\1CNJ85NR.txt [ Cookie:mahoni@c.atdmt.com/ ]
C:\USERS\MAHONI\Cookies\LA0ZQCIZ.txt [ Cookie:mahoni@ad.dyntracker.de/ ]
C:\USERS\MAHONI\Cookies\07PW1SH0.txt [ Cookie:mahoni@atdmt.com/ ]
C:\USERS\MAHONI\Cookies\NHONPZST.txt [ Cookie:mahoni@track.adform.net/ ]
C:\USERS\MAHONI\Cookies\W31203SE.txt [ Cookie:mahoni@mediaplex.com/ ]
C:\USERS\MAHONI\Cookies\BQWCM1LX.txt [ Cookie:mahoni@adfarm1.adition.com/ ]
C:\USERS\MAHONI\Cookies\02TUGSWJ.txt [ Cookie:mahoni@bs.serving-sys.com/ ]
C:\USERS\MAHONI\Cookies\JRG7HY3J.txt [ Cookie:mahoni@apmebf.com/ ]
C:\USERS\MAHONI\Cookies\NVNCC0QO.txt [ Cookie:mahoni@zanox.com/ ]
C:\USERS\MAHONI\Cookies\D5VGPRS9.txt [ Cookie:mahoni@eas.apm.emediate.eu/ ]
C:\USERS\MAHONI\Cookies\Y8HP96Q1.txt [ Cookie:mahoni@www.zanox-affiliate.de/ ]
C:\USERS\MAHONI\Cookies\5UJT5DZQ.txt [ Cookie:mahoni@dyntracker.com/ ]
C:\USERS\MAHONI\Cookies\I2CCNK2Q.txt [ Cookie:mahoni@ad.yieldmanager.com/ ]
C:\USERS\MAHONI\Cookies\R4X939MM.txt [ Cookie:mahoni@fastclick.net/ ]
C:\USERS\MAHONI\Cookies\2S4J2F27.txt [ Cookie:mahoni@ad.zanox.com/ ]
C:\USERS\MAHONI\Cookies\F0JUVFU2.txt [ Cookie:mahoni@2o7.net/ ]
C:\USERS\MAHONI\Cookies\NU1D9TDH.txt [ Cookie:mahoni@doubleclick.net/ ]
C:\USERS\MICHAELA\AppData\Roaming\Microsoft\Windows\Cookies\TYMBYT21.txt [ Cookie:michaela@doubleclick.net/ ]
C:\USERS\MICHAELA\AppData\Roaming\Microsoft\Windows\Cookies\SQB7NX9L.txt [ Cookie:michaela@atdmt.com/ ]
C:\USERS\MICHAELA\AppData\Roaming\Microsoft\Windows\Cookies\3NXG09YM.txt [ Cookie:michaela@mediaplex.com/ ]
C:\USERS\MICHAELA\AppData\Roaming\Microsoft\Windows\Cookies\G94QBUFB.txt [ Cookie:michaela@apmebf.com/ ]
C:\USERS\MICHAELA\AppData\Roaming\Microsoft\Windows\Cookies\NQC5HR2T.txt [ Cookie:michaela@c.atdmt.com/ ]
C:\USERS\MICHAELA\AppData\Roaming\Microsoft\Windows\Cookies\1YAYJ9A6.txt [ Cookie:michaela@serving-sys.com/ ]
C:\USERS\MICHAELA\AppData\Roaming\Microsoft\Windows\Cookies\Low\ELVBDIX1.txt [ Cookie:michaela@adfarm1.adition.com/ ]
C:\USERS\MICHAELA\AppData\Roaming\Microsoft\Windows\Cookies\Low\HNYOGY02.txt [ Cookie:michaela@specificclick.net/ ]
C:\USERS\MICHAELA\AppData\Roaming\Microsoft\Windows\Cookies\Low\W3JOJLLM.txt [ Cookie:michaela@doubleclick.net/ ]
C:\USERS\MICHAELA\AppData\Roaming\Microsoft\Windows\Cookies\Low\WLS2HTSD.txt [ Cookie:michaela@atdmt.com/ ]
C:\USERS\MICHAELA\AppData\Roaming\Microsoft\Windows\Cookies\Low\JNHA2SII.txt [ Cookie:michaela@c.atdmt.com/ ]
C:\USERS\MICHAELA\AppData\Roaming\Microsoft\Windows\Cookies\Low\W5KSU5EY.txt [ Cookie:michaela@serving-sys.com/ ]
C:\USERS\MICHAELA\AppData\Roaming\Microsoft\Windows\Cookies\Low\L5WNS90Y.txt [ Cookie:michaela@bs.serving-sys.com/ ]
C:\USERS\MICHAELA\AppData\Roaming\Microsoft\Windows\Cookies\Low\JBGILR01.txt [ Cookie:michaela@ad2.adfarm1.adition.com/ ]
C:\USERS\MICHAELA\Cookies\TYMBYT21.txt [ Cookie:michaela@doubleclick.net/ ]
C:\USERS\MICHAELA\Cookies\SQB7NX9L.txt [ Cookie:michaela@atdmt.com/ ]
C:\USERS\MICHAELA\Cookies\3NXG09YM.txt [ Cookie:michaela@mediaplex.com/ ]
C:\USERS\MICHAELA\Cookies\G94QBUFB.txt [ Cookie:michaela@apmebf.com/ ]
C:\USERS\MICHAELA\Cookies\NQC5HR2T.txt [ Cookie:michaela@c.atdmt.com/ ]
C:\USERS\MICHAELA\Cookies\1YAYJ9A6.txt [ Cookie:michaela@serving-sys.com/ ]
imagesrv.adition.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\TNXSSU8L ]
track.webgains.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\TNXSSU8L ]
www.ardmediathek.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\TNXSSU8L ]
.apmebf.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.guj.122.2o7.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.deutschepostag.112.2o7.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.paypal.112.2o7.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.estat.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
tracking.tchibo.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.112.2o7.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
imagevenue.advertserve.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
imagevenue.advertserve.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
e2.emediate.se [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.kontera.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.dealtime.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.ads20.wwe-media.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.bizrate.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.rambler.ru [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.tns-counter.ru [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.stats.ebay.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
count.rbc.ru [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
delivery.atkmedia.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.tto2.traffictrack.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.thrixxx.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.thrixxx.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.medialand.ru [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.medialand.ru [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.engine.mediamir.medialand.ru [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
s06.flagcounter.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.adnetwork.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wdmyomc5egp.stats.esomniture.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.webstats4u.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wdkoshdpedp.stats.esomniture.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wfmiwgajelo.stats.esomniture.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.bizrate.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wnmyopcjmkp.stats.esomniture.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.e-2dj6aek4akcpmhp.stats.esomniture.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
ad.adserver01.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.harrenmedianetwork.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.getclicky.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.static.getclicky.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
in.getclicky.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.advertstream.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.gostats.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.findhe.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.findhe.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.digital-media.us [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
track.solocpm.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
track.solocpm.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
tracking.sim-technik.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.advertisingenhanced.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.advertisingenhanced.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
trackstatsnow.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
tracking.hostgator.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.bwincom.122.2o7.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.xm.xtendmedia.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
porngeographic.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
porngeographic.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
porngeographic.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
porngeographic.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
porngeographic.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
porngeographic.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
porngeographic.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
porngeographic.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
porngeographic.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
ad.adition.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
ad.adition.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.aim4media.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
count.asnetworks.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.a.revenuemax.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.euros4click.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.mmotraffic.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.mmotraffic.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wfk4emcjshq.stats.esomniture.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wdl4cpcjahq.stats.esomniture.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.banners.victor.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
stat.dealtime.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wfkysocjebo.stats.esomniture.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.daimlerag.122.2o7.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.urbia.wwe-media.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.urbia.wwe-media.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjkywkcpmap.stats.esomniture.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.mm.chitika.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
int.sitestat.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
int.sitestat.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjloskc5shq.stats.esomniture.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
clicks.pangora.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
clicks.pangora.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
openx.mediasense.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.tryteens.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.tryteens.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.tryteens.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.hightraffic.hugoboss.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjkyukajafp.stats.esomniture.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjmisidzahp.stats.esomniture.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wflignd5sko.stats.esomniture.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.porngantic.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.porngantic.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.porngantic.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.girlsteachsex.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.serving.xxxwebtraffic.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.serving.xxxwebtraffic.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjlyapc5chp.stats.esomniture.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.e-2dj6aelyomcjmdp.stats.esomniture.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.e-2dj6aeliwmcjwdp.stats.esomniture.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.sexad.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
openx.sexsearch.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.quartermedia.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.unister-adservices.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.pornrush.org [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.pornrush.org [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.nextag.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.nextag.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.nextag.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.businessenhanced.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.businessenhanced.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.weborama.fr [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
www.visit-tracker.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.cofidis2.solution.weborama.fr [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.cofidis2.solution.weborama.fr [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.cofidis2.solution.weborama.fr [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.cofidis2.solution.weborama.fr [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
tracking.publicidees.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
xml.trafficengine.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.trafficengine.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.3bluemedia.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.3bluemedia.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjk4oldjgfp.stats.esomniture.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjl4ukajohp.stats.esomniture.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjlowncpeaq.stats.esomniture.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wfkiepdjwao.stats.esomniture.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
wmedia.rotator.hadj7.adjuggler.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
wmedia.rotator.hadj7.adjuggler.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.webstats4u.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.hearstdigital.122.2o7.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.yadro.ru [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
wt.socialsex.biz [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.unister-adservices.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
eas4.emediate.eu [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
banner.testberichte.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.adxpose.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.e-2dj6aemiqlcpkbp.stats.esomniture.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.unister-adservices.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.unister-adservices.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.adserver.adtechus.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
ad4.adfarm1.adition.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
ads.crakmedia.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.socialsex.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
adserver.weddix.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
pornrush.org [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
pornrush.org [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
adfarm1.adition.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
www.ardmediathek.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.mediasports.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.mediasports.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.zanox-affiliate.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
ad.dyntracker.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
ad.adserver01.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.rezidor.112.2o7.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
ad1.adfarm1.adition.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
vb.mol.vs.bluedotmedia.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
vb.mol.vs.bluedotmedia.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.stats.paypal.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
ad3.adfarm1.adition.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
server.adform.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
server.adform.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
www.socialsex.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
www.socialsex.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.tracker.vinsight.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
partners.webmasterplan.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.secmedia.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.secmedia.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
ww251.smartadserver.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\MAHONI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AB1Z9GM4.DEFAULT\COOKIES.SQLITE ]
Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.61.0.1400 www.malwarebytes.org Datenbank Version: v2012.06.07.05 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Mahoni :: MAHONI-PC [Administrator] Schutz: Aktiviert 07.06.2012 22:45:37 mbam-log-2012-06-07 (22-45-37).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 349846 Laufzeit: 1 Stunde(n), 22 Minute(n), 37 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 1 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Userinit (Trojan.Agent) -> Daten: C:\Users\Mahoni\AppData\Roaming\appconf32.exe -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 1 C:\Users\Mahoni\AppData\Roaming\BAcroIEHelpe128.dll (Trojan.Banker) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Grüße Toni |
|
29.06.2012, 12:17
| #26 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Avira meldet spy.banker.gen - Wie werde ich den wieder los?Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
01.07.2012, 21:38
| #27 |
| | Avira meldet spy.banker.gen - Wie werde ich den wieder los? Arne, du merkst auch alles ;-) Code:
ATTFilter Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Datenbank Version: v2012.06.28.11 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Mahoni :: MAHONI-PC [Administrator] 01.07.2012 18:36:46 mbam-log-2012-07-01 (18-36-46).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 357742 Laufzeit: 3 Stunde(n), 59 Minute(n), 46 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Toni |
|
02.07.2012, 11:30
| #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Avira meldet spy.banker.gen - Wie werde ich den wieder los? Sieht ok aus, da wurden nur Cookies gefunden. Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller http://filepony.de/download-cookie_culler/ Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ich halte es so, dass ich zum "wilden Surfen" den Opera-Browser oder Chromium unter meinem Linux verwende. Mein Hauptbrowser (Firefox) speichert nur die Cookies von den Sites die ich auch will, alles andere lehne ich manuell ab (der FF fragt mich immer) - die anderen Browser nehmen alles an Cookies zwar an, aber spätestens beim nächsten Start von Opera oder Chromium sind keine Cookies mehr da. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
03.07.2012, 20:13
| #29 |
| | Avira meldet spy.banker.gen - Wie werde ich den wieder los? Arne, vielen lieben Dank für die ausdauernde Unterstützung beim "Aufräumen" meines Rechners. Es hat ja einige Zeit gedauert. Ich finde es wirklich ehrenwert, dass die Experten sich hier mit diesem Engagement einbringen. Derzeit gibt es keine weiteren Probleme und ich hoffe es bleibt so. Grüße, Toni |
|
04.07.2012, 16:26
| #30 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Avira meldet spy.banker.gen - Wie werde ich den wieder los? Dann wären wir durch!  Die Programme, die hier zum Einsatz kamen, können alle wieder runter. Mit Hilfe von OTL kannst du auch viele Tools entfernen: Starte bitte OTL und klicke auf Bereinigung. Dies wird die meisten Tools entfernen, die wir zur Bereinigung benötigt haben. Sollte etwas bestehen bleiben, bitte mit Rechtsklick --> Löschen entfernen. Malwarebytes zu behalten ist zu empfehlen. Kannst ja 1x im Monat damit einen Vollscan machen, aber immer vorher ans Update denken. Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden. Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern. Microsoftupdate Windows XP: Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren. Windows Vista/7: Anleitung Windows-Update PDF-Reader aktualisieren Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast) Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader. Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers: Prüfen => Adobe - Flash Player Downloadlinks => Adobe Flash Player Distribution | Adobe Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind. Java-Update Veraltete Java-Installationen sind ein Sicherheitsrisiko, daher solltest Du die alten Versionen löschen (falls vorhanden, am besten mit JavaRa) und auf die neuste aktualisieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Avira meldet spy.banker.gen - Wie werde ich den wieder los? |
| abstürzen, antivir, aufrufe, autorun, avg, avira, bacroiehelpe, bho, bingbar, conduit, converter, defender, device driver, document, error, firefox, flash player, format, ftp, google earth, helper, langs, launch, logfile, mozilla, mp3, plug-in, realtek, registry, searchscopes, security, security scan, senden, software, trojaner, windows |
Linear-Darstellung
